I have a problem to execute a Stored Procedure (FIREBIRD) from php:
$sqlSP="select record_created,record_updated from SP_IMPORT_CRM_SELECTIE (11, 'AC015612','".$tester."'..............
When $tester containts this symbol ' I have a problem..
how can I fix that?
Essentially, you need to escape the string before using it within a query.
The best way to do this is through the use of PDO prepared statements:
$sqlSP="select record_created,record_updated from SP_IMPORT_CRM_SELECTIE (11, 'AC015612',:tester)";
$ps=$dbhandle->prepare($sqlSP);
$ps->bindParam(':tester',$tester,PDO::PARAM_STR);
$ps->execute();
(assuming that $dbhandle is your PDO object)
Try binding the parameters, take a look at the prepare method.
来源:https://stackoverflow.com/questions/20329757/php-pdo-apostrophe